Our Most Popular Managed Services

If you need help deciding what services are best for your business let us know.

VT Logo header logo wrap shape

VT Logo header logo wrap shape

Award-Winning Dallas-Fort Worth IT Services.

Questions? Call (817) 595-0111

inner banner overlay

×

Error

The CEGCore2 library could not be found.

VersaTrust Blog

VersaTrust has been serving the Texas area since 1997 , providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

3 Tips Will Help Save Your Computer from Ransomware

GettyImages-1000962954

Quick Tips to Save Your Computer from Ransomware. 

Are you struggling to remove vicious ransomware from your computer? These quick tips will help you (safely!) access information on your computer and get back online in no time.  

You’ve heard about ransomware attacks, but never thought it could happen to you. That’s the beginning of the story that IT professionals around the world are hearing from users — business users, individuals, schools — there are no “safe spaces” when it comes to the ability of cybercriminals to wreak havoc on your technology. There’s always the option of paying the ransom, but this path is fraught with dangers. If the attacker doesn’t issue you the unlock code for your files, there’s no Better Business Bureau to report them, you lose the money you paid and will still need to work with professionals for ransomware removal. Understanding the three key variants of ransomware is the first step to potentially rescue your computer.

Continue reading

Watch Out! Windows 7 Loses Support in January

GettyImages-1079018918

If you use Windows 7, you need to be aware that Microsoft will end support for your operating system in January 2020. Now is the time to upgrade to Windows 10.  

Windows 7 is an operating system that still has plenty of serious fans – in fact, it was only earlier last year that the market share for Windows 10 moved past Windows 7. Considering that Windows 10 was released in 2015, that is saying something. All good things must come to an end, though, and Windows 7 is no exception. Microsoft is ending support for Windows 7 in January of 2020, which means that it will become much more difficult to keep the OS up and running moving forward. And a recent announcement from Microsoft has let Windows 7 users know that they are going to be seeing bigger, full-screen pop-ups to warn them of the upcoming end of life of the operating system.

Continue reading

Protecting Your Business Mac Computer from Cyber Infections: Tips to Know

Tips to Protect Your Mac Computer from Cyber Threats

Mac computers have an excellent reputation when it comes to cybersecurity, but they can still be targeted. Find out about protecting your Mac from threats.

Mac Cyberattacks

Malware, ransomware, phishing—the cyber threats on the internet abound, and these threats are generating an astounding cost to the people who rely on computer systems to do business. To date, the cost of cyber infections has racked up billions of dollars in costs to unwitting business owners, some of which thought they were protected. Even though Macintosh (Mac) computer systems are highly regarded for their security, they are still at risk. Here are a few tips you should know.

1. Keep your Mac properly updated.

Without a doubt, one of the biggest reasons Mac computers fall victim to a cyber-attack is because they are not updated as they are meant to be. The developers of the Mac operating systems, whether it is one of the older Mac OS versions or something more modern like Mojave, send out frequent security patches as new updates. If you have automatic updates turned off or do not take the time to update your computer manually, you could easily miss an important line of defense.

2. Use good security programs on your business Mac.

Just because you have a Mac that has a stellar reputation for protecting itself against cyber threats, it does not mean that you should not go a step further and install a good security program. These software programs are designed to catch all those things that get past the existing Mac firewalls and security defenses.

3. Keep your Mac free of unnecessary programs.

Every user has them—those unnecessary programs that are really not used often enough to be counted as valuable or useful. These unnecessary filler programs take up valuable space on your Mac computer and slow it down. If the system is already slow, it can make it harder to recognize when something is awry and something fishy is going on. Plus, the more unnecessary programs you have that you never use, the easier it is for malicious software to latch onto something and set up shop on your computer because you will never see it.

4. Get educated about the biggest threats to security on your Mac.

Knowledge is a powerful defense tactic no matter what type of computer or OS it is that you rely on as a business professional. You should take the time to familiarize yourself with the biggest MAC cyber threats and the types of cyberattacks most often occurring today. You should familiarize yourself with things like:

  • Phishing and how phishing attacks are carried out as well as how to avoid them
  • Ransomware and how it gets latched onto your Mac system
  • How to avoid things like malware that get attached to legitimate software

Whether you use your Mac for everyday tasks and projects at work or you have a system of Mac computers utilized by multiple employees and users within your organization, it is critical to protect your business Mac computers properly. Work with a managed IT service company to implement the best security measures and negate Mac cyber threats.

Continue reading

Happy Thanksgiving

Thanksgiving wouldn’t be complete without sending a thank you to all of the local businesses in our community and a special thank you to those who put their trust in us to manage their technology.

 

As we spend the day reflecting on what we’re thankful for, we hope you’re doing the same (and enjoying some delicious pumpkin pie while you’re at it!)

Have a great Thanksgiving!

Happy Thanksgiving

Tags:
Continue reading

Are SAML-enabled Enterprises Needed?

SAML-enabled Enterprises Increase Network Security with SSO

SAML helps organizations implement single-sign-on. End-users need a single username and password for system access. SAML simplifies management of network security  

One of the first things most of us do when we arrive at work is sign-on to the corporate network. On the rare occasion that we have to sign on to a specific application, we’re irritated. Why is the separate sign-on necessary? The simple answer is SAML.

SAML Enterprises

What is SAML?

SAML stands for Security Assertion Markup Language. It is an open standard for sharing information across an enterprise for authentication and authorization of the end-user. It’s what lets you sign on once to access multiple applications. For SAML to work, all applications must communicate using the SAML specification. If an application cannot support SAML, the end-user will have to sign on separately.

How Does SAML Work?

A single-sign-on (SSO) environment has an identity provider where the user’s identity information is stored. When the end-user wants to use an application in the SSO environment, the application or service provider makes a request to the identity provider. The identity provider authenticates the end user’s identity and responds to the service provider’s request. The end-user is either granted or denied access.

A simplified SAML process for an end-user named Joel might flow like this:

  • Joel tries to sign on to his work computer. His sign on initiates a request to the company’s identity or SSO provider, asking for authentication.
  • The SSO provider authenticates Joel’s identity and grants him access to the network.
  • Joel launches his email program. His request initiates an exchange with the email application referred to as a service provider.
  • The service provider is configured to authenticate using SSO, so the application asks the identity provider for authentication of Joel.
  • The identity provider responds to the service provider with a digitally signed response that identifies Joel.
  • The SAML-formatted response either authenticates and authorizes Joel for the email application or denies access.
  • The service provider validates the identity provider’s response and either grants or denies access to the email application.
  • Joel accesses his email via the service provider’s application, based on the identity provider’s response.

All requests and responses must conform to the SAML protocols for exchanging information.

Why Use SAML?

SAML centralizes the authorization process. It also externalizes authentication to a separate identity provider. The configuration provides several benefits for both the end-user and the organization.

  • SAML provides a standard for deploying internet-based single sign-on.
  • SAML raises security access to the highest level. An identity provider can enforce a high level of authentication, such as Two-Factor Authentication, even if the individual applications do not support a high degree of authentication.
  • SAML simplifies the sign-on process for the end-user, who only has to remember a single user name and password.
  • SAML offers a single point for deactivation by centralizing access rights.
  • SAML enables the identity provider to audit access across SAML-enabled applications.

With a SAML-enabled enterprise, administration and monitoring of user access are reduced. Using an identity provider with a higher level of authentication than other applications within the network increases security. Allowing end-users to sign-on with a single username and password minimizes the number of times individuals require assistance because of forgotten passwords or usernames. The ability to control user access from a single point enables an organization to de-activate end-users quickly.

Tags:
Continue reading

How to Hire Qualified Computer Specialists

Need to Hire a Computer Repair Specialist? 5 Criteria to Consider

Are You Ready to Hire a Computer Repair Specialist? Read about the 5 Criteria You Need to Evaluate to Avoid Hiring the Wrong Person and Costly Mistakes  

Computer Repair

Computer use in the U.S. has grown exponentially in the last decade. Over 15 million computer devices were shipped out to users per year in 2003, according to industry data. That amount rose to an astonishing 65 million per quarter in 2015. With that many devices in consumers’ hands, computer repair specialists are a must for personal and enterprise users when something goes wrong. However, when it comes time to decide who to hire, knowing what criteria to look for can mean the difference between a mediocre and an excellent result.

Experience Levels

When deciding to hire a computer repair specialist or vendor, ask about the length and type of experience the specialist has. A specialist that has years of experience with the types of devices your organization has is ideal. If hiring a specialist from a local or national vendor, ask how employees or contractors are selected. Some vendors, for example, will only hire contractors that have successfully completed various industry certifications.

Education and Training

Hiring specialists that possess a formal degree in computer science or information systems can help improve the quality of service you receive. Industry certifications specific to general computer repair and troubleshooting, Apple, and Microsoft devices can also help. Specialists that keep up to date with industry trends and changes through continuing education courses is another good sign you will receive excellent service. Yet, industry certifications and degrees alone are not as important as years on the job and skills.

Device Types

Take a look at what types of devices your organization has and what devices require ongoing or periodic support. Some repair technicians will be highly specialized in certain types of devices, such as tablets or desktops. Repair specialists may only work on specific brands like Apple or Dell. Another important consideration is determining which repairs and devices can be supported internally versus externally. Simple repairs like replacing or upgrading RAM might be able to be completed by your internal IT department, depending upon the device brand and type. Other repairs like replacing a motherboard could be more complicated and require the device to be shipped into a vendor’s depot or replaced with a similar unit.

Cost

The cost of hiring a qualified computer repair specialist is usually at the top of most organizations’ criteria. Although it can be tempting to choose the vendor or specialist that offers the lowest price, this may not always be the best option. Consider whether there will be extra fees for issues that come up after the initial repair is completed. Also, check into whether completed repairs come with a warranty and how long the warranty lasts. Keep in mind that while the price of the service is not necessarily equated with quality, choosing smaller vendors or individual repair specialists will likely provide you with the best value.

Recommendations

Ask peers for recommendations on qualified computer repair providers. If the vendor or specialist is local, visit the location as a potential customer to see how the specialist responds. Assess whether you were treated courteously, whether the technician attempted to listen to your problem, and what repairs the technician recommended.

Continue reading

Chrome Users Need to Update Now

Why Google Chrome Users Should be Concerned About Security Patches

Does Your Organization Use Google Chrome? Find Out Why Recent Security Flaws Have Created an Urgent Need to Update Your Devices’ Browsers Immediately  

Google Chrome Updates

If users in your organization use Google Chrome, there is a high chance that several of those systems are creating an opportunity for hackers to install malware. Google recently identified a major security flaw with its Chrome browser that impacts Windows, Mac, and Linux-based devices. Although Google has released a security patch to correct the security vulnerabilities, the patch fixes two separate problems.

Security Vulnerabilities

One of the security vulnerabilities Google identified is Chrome’s audio component. The other vulnerability is tied to the browser’s PDF library. Both allow unwanted modifications or corruptions to memory data. This allows hackers to elevate privileges on the device or within applications installed on the device. If someone is able to gain administrative access to a system or software on a system, the individual could make unwanted changes or wreak havoc on the device’s operating system. There is also a high chance that a hacker could install malware or execute malicious code on the device.

Version

The version of the browser that fixes the security issues is 78.03904.87. Although the Chrome browser may be configured to automatically update itself in the background upon launch, it is a good idea to manually check each device. The browser can be manually checked by selecting the Help menu and then “About Google Chrome.” If there is an update available, the browser will automatically search for it and find it. The browser’s version will also be displayed in the “About” section. If the listed version is 78.03904.87 or later, then the device has received the necessary security patch.

If there are problems with the browser updating, it may need to be removed from the system and reinstalled. Some organizations have an automatic process to uninstall and reinstall applications from the server once the devices connect to the organization’s network. Reports can be run to see which systems still have outdated versions and technicians should manually check those systems to diagnose why automatic updates are not going through.

Other Considerations

A system that is not receiving automatic updates from Google Chrome may have other issues. Technicians should check for the following:

  • Is the anti-malware program up to date and running correctly?
  • Is the OS receiving approved updates and are these updates installing?
  • When was the last time the system pinged the network?
  • Has the system been restarted recently?
  • If the system has been disconnected from the organization’s network, how long has it been offline?
  • Has a malware scan recently been run? Were any malicious items identified and removed?
  • Are there are any suspicious executables or unauthorized programs installed?

Sometimes wiping a system and completely reinstalling the OS are the best courses of action. Signs that a device may be too infected, corrupted, or outdated include the presence of unauthorized or suspicious applications, more than 100 pending OS updates or a previous update date that is more than a month old, and an anti-malware program that will not update or run a scan correctly. Before wiping a system and reinstalled the OS, a technician should check for and back up any user data that may be installed on the device’s hard drive. However, the data should be carefully scanned for any malware infections prior to transferring it back onto the system.

Tags:
Continue reading

What Are Your Company’s Responsibilities Following a Data Breach?

Learn from Marriott’s Example: Notification Responsibilities After a Data Breach

Most states, the District of Columbia, the Virgin Islands and Puerto Rico have passed legislation regarding notification of security breaches. Know the laws in your state.  

Cyberbreach Marriott

To answer this question, let’s start with the example experienced by Marriot International recently when a breach exposed the social security numbers of the hotel chain’s associates. Then, we’ll look at the federal and state requirements for notifying those impacted by a breach that involved their data.

How Did Marriott International Employees Fall Victim to a Data Breach?

Marriott International told some of its employees that their social security numbers (SSNs) had been exposed to an unknown person. The risk came from a vendor that handled documents for the hotel chain.

On September 4, 2019, Marriott found out that someone access information recorded on those documents, which included subpoenas and court documents. The notification, which came two months after the incident, merely stated that someone may have accessed the records, which is all hotel representatives claim to know. The potential breach impacts over 1,500 Marriott employees. On October 30, the hotel started sending notifications via regular mail for anyone it hadn’t been able to find.

Those impacted will receive free credit monitoring as well as identity theft protection for one year at the company’s expense. Notification and credit monitoring services are part of recent data breach laws, but one must wonder what took Marriot so long to notify the victims.

Why Did Marriott Have a Difficult Time Finding Victims?

Marriott received a list of those impacted, but most had no address. This may be the most significant factor in the delay. And, it’s not an unusual one. Company records breached by hackers may be incomplete in the best of circumstances, and this information was sitting in several external systems.

The unnamed firm said all Marriott employee data was deleted from its system. One of the problems in cases like this is storing data in multiple systems, which increases the risk of theft and data breaches. Marriott no longer partners with the vendor.

What Are Your Company’s Responsibilities in Case of a Data Breach?

The FTC recommends following these steps, some of which are legally required.

Secure your Operations

Move quickly to take whatever steps are needed to secure your systems. Otherwise, your data breach can result in a series of breaches. Mobilize or form a breach response team to shore up your network against further loss.

Fix Vulnerabilities

As part of the fix, you need to anticipate questions that clients, associates and the authorities may have. Put together clear questions and answers to post on your website. Direct communication may ease frustration and concerns, especially if it takes some time to identify those impacted, as in the Marriott cases.

Work with forensic experts to track to determine what records were at risk.

Notification

Most states, the District of Columbia, the Virgin Islands and Puerto Rico have passed legislation regarding notification of security breaches. You must notify the affected parties when personal information is involved. Check the laws in your state as well as the federal laws and consult with your legal team regarding your responsibilities.

Continue reading

4 Dangers of Hiring Printer Companies to Manage Your IT Services

4 Reasons Not to Hire Printer Companies

Thinking about saving money on your IT services with a printer company? Learn about the pitfalls and dangers of relying on support from companies without expertise.  

Printer Repair Companies

Hiring a printer company to take care of your IT services can seem like a great solution. You won’t have to consult with multiple vendors or negotiate multiple contracts. A printer company might even offer to take care of all of your IT services for less than what you’re currently spending. However, there are several reasons why you should not trust a printer company as your single vendor for all of your organization’s IT needs. Although you may pay less, that lower price comes with a higher cost – substandard service and support.

The delivery of substandard service and support from printer companies occurs due to the following:

  • A lack of experience
  • An inability to understand the true nature and components of IT services
  • Inadequate resources directed towards developing IT and IT services
  • Unstable organizations due to conflicts between printing and IT services

Insufficient Experience

By design, printer companies are specialists in troubleshooting and maintaining two items – printers and copiers. While these companies are experts at providing service on these types of devices, branching out into the world of IT services is not something these companies have done in the past. Even though the staff may have basic troubleshooting, sales, and customer service experience under their belts, they may only have limited experience with the complexities of managing networks.

Lack of Understanding

Since printer companies do not have decades of experience with IT services, there is often a skill and knowledge gap. Without an understanding of and experience with more complex computing devices, troubleshooting skills may be limited. Computing devices, servers, and network equipment are more intricate than printers or copiers. In order to configure, deploy, maintain, troubleshoot, and fix this type of equipment, advanced and interdependent knowledge is necessary. It is far easier for printer companies to overlook the source of a problem with network dependent devices and the network itself simply due to a lack of skill.

Inadequate Resources

Since these companies specialize in printers and copiers, it is more difficult to devote internal resources to IT services. This means that there may be little put into research and development, training staff on the skills they need to support IT services, and a lack of support staff designated to managing IT services for clients. In other words, printer companies tend to overpromise and underdeliver when it comes to supporting services and devices outside of printers.

Instability

When printer companies try to branch out into IT services, it can cause internal conflict. Staff that is managing printers and copiers may not be able to keep the company afloat, due to the fact that the company is not reinvesting what it should into its printer expertise. Consequently, both sides of the business begin to suffer, and animosity develops. Leaders within the company may decide to cut out IT services altogether, leaving clients without support.

Continue reading

For those who deserve our utmost respect… 

November 11th is Veterans Day… 

A day where we stand united to honor those who are currently serving and those who have served – those who sacrificed for the common good of our country. 

 

And for all they’ve done, we say thank you. 

Thank you to those who have and those who continue to place themselves in harrowing situations in the name of protecting our freedom. 

However you’re planning on spending the day, remember to take a moment to think about these exceptional men and women.

Veterans Day

Tags:
Continue reading

Stop Hackers Cold: Eliminate These Common Entry Points

Weak Points in Cybersecurity Hackers Love

Do you know where hackers are most likely to gain access to your private data? Discover the favorite entry points and how you can stop them.  

Cybersecurity Threats

It seems like every week that there are reports of another massive data breach hitting the news. The number of users affected is almost unimaginable. Cybercriminals accessed 983 million records at Verifications.Io and 885 million records at First American Financial Corp., alone. Its scary stuff, but what’s even more terrifying is the majority of compromised companies never show up in the papers.

During the first half of 2019, there an average of 30 data breaches per day. So, how are hackers stealing so many records so quickly? They have their ways.

Four Places Cybercriminals Love to Steal Your Data From

1. Old Websites. The internet is a graveyard of abandoned and unprotected half-built sites which are the favorite hunting grounds for hackers who are on the lookout for easy and virtually risk-free hacking opportunities. Although it is true that most of these sites contain nothing more than a few email addresses and dummy accounts, every so often, a cybercriminal can strike goldmine. On occasion, legacy and demo sites for large businesses are still connected to the company’s servers and provide a nice backdoor to confidential data.

You can protect your business by completely removing old sites from online and limiting which sites have access to your servers.

2. Free Code. Many sites offer free code snippets that you can use for free on your website. All you have to do is download it and you can save hours of time and thousands of dollars. Good deal, right? Well, have you ever heard the Japanese saying, “There is nothing more expensive than something free?” When it comes to the code for your website, it is a motto you should take to heart. Using someone else’s free code for your company’s website could be the most expensive mistake you ever made. While clean, secure codes for free does exist online, the majority of what you will find is usually poorly written, and as solid as a sieve.

Stop hackers from using embedded backdoors in public code by not using it for mission-critical websites.

3. Unsecured Cloud Storage. Everyone is talking about the benefits of cloud computing and cloud storage, and it seems like businesses can’t wait to make the jump to working on the cloud. But before trusting your company’s confidential data to any third-party cloud storage solution, you better make sure the vendor has tight security. Many big-name companies like Facebook and Microsoft forgot to ensure their third-party vendors had the proper security, and the results were embarrassing and costly data breaches.

Carefully choose who you use for outsourcing and take an active role in protecting your data, even if it is hosted on a third-party’s server.

4. Unprotected APIs. Does your business use custom apps that utilize APIs? If the answer is yes, you may be exposing your confidential data to hackers without knowing it. While in-house app developers spend a great amount of time safeguarding your app itself, from exploits, the APIs you are using from an outside developer to power your app may be a gaping hole in your defense.

Review the end-user agreements for the APIs you use and conduct penetration tests to check for vulnerabilities.

In the end, protecting your data and the confidential information of your customers falls on your shoulders. No one can be perfect when it comes to online security, but every single business can do better.

Continue reading

Want To Drastically Enhance Your Small Business Cybersecurity?

No matter how secure you may be right now, you could always be doing more. Have you double-checked your cybersecurity lately? Review the best practices below to strengthen your small business cybersecurity.

When everything is going well, the last thing you want to do is think about what will happen when something goes wrong. It’s not necessary to dwell on the potential for a security disaster though – you know that it’s a possibility, so let’s just leave it at that. What’s important about this is that you know to cover your bases.

Cybersecurity Small Business

No need to assume the worst – just plan for it, so you know you’re protected. As that old saying goes, “An ounce of prevention is worth a pound of cure”.

Do what you need to do to “prevent” now, so you don’t have to pay for the “cure” later.

Use A Firewall

Your firewall is your first line of defense for keeping your information safe.

A firewall is a particular type of solution that maintains the security of your network. It blocks unauthorized users from gaining access to your data. Firewalls are deployed via hardware, software, or a combination of the two.

A firewall inspects and filters incoming and outgoing data in the following ways:

  • With Packet Filtering that filters incoming and outgoing data and accepts or rejects it depending on your predefined rules.
  • Via an Application Gateway that applies security to applications like Telnet (a software program that can access remote computers and terminals over the Internet, or a TCP/IP computer network) and File Transfer Protocol Servers.
  • By using a Circuit-Level Gateway when a connection such as a Transmission Control Protocol is made, and small pieces called packets are transported.
  • With Proxy Servers: Proxy servers mask your true network address and capture every message that enters or leaves your network.
  • Using Stateful Inspection or Dynamic Packet Filtering to compare a packet’s critical data parts. These are compared to a trusted information database to decide if the information is authorized.

Train Your Staff

Your staff can have a significant effect on your cybersecurity – either they know enough to keep your assets secure, or they don’t, and therefore present a serious threat to your security.

So, which is it? Do your employees and volunteers have the knowledge they need to spot cybercrime scams, avoid common pitfalls and keep your data secure?

If you’re not sure, then they may need training. Security awareness training helps your employees and volunteers know how to recognize and avoid being victimized by phishing emails and scam websites.

They learn how to handle security incidents when they occur. If your employees and volunteers are informed about what to watch for, how to block attempts and where they can turn for help, this alone is worth the investment.

How Do I Train My Employees For Cyber Security?

A comprehensive cybersecurity training program will teach your staff how to handle a range of potential situations:

  • How to identify and address suspicious emails, phishing attempts, social engineering tactics, and more.
  • How to use business technology without exposing data and other assets to external threats by accident.
  • How to respond when you suspect that an attack is occurring or has occurred.

Strengthen Your Passwords

Passwords remain a go-to tool for protecting your data, applications, and workstations.

They also remain a common cybersecurity weakness because of the careless way employees go about trying to remember their login information. Weak passwords are easy to compromise, and if that’s all that stands between your data in the cloud and in applications, you could be at serious risk for a catastrophic breach.

That’s why protecting your login processes with an additional layer of security – multi-factor authentication – is recommended. Multi-factor authentication requires the user to utilize two methods to confirm that they are the rightful account owner. It is an available security feature in many popular applications and software suites.

There are three categories of information that can be used in this process:

  • Something you have: Includes a mobile phone, app, or generated code
  • Something you know: A family member’s name, city of birth, pin, or phrase
  • Something you are: Includes fingerprints and facial recognition

Protect Mobile Devices

Implement Mobile Device Management and Bring Your Own Device policies that allow employees to use their own devices in combination with the business’ without compromising your security:

  • Require password protection and multi-factor authentication for mobile devices.
  • Deploy remote access software that allows you to locate lost/stolen devices, and remotely wipe their data if need be.
  • Develop a whitelist of apps that are approved for business data access.

And don’t limit yourself to desktops, laptops, and phones – there’s more out there for you to take advantage of. Have you considered what the Internet of Things and wearable devices can do for workplace efficiency? Now’s the time to get on board – up to 20.4 billion IoT devices will be online by 2020.

Manage Account Lifecycles And Access

This is one of the more basic steps on the list, but no less important. It can’t really be automated or outsourced to any technological aids; it’s just about doing the work. You need to have a carefully implemented process to track the lifecycle of accounts on your network.

  • Follow a careful system for how accounts are created for new members, how their security is maintained and verified through their life, and how they are removed when no longer needed.
  • Implement secure configuration settings (complex passwords, multi-factor authentication, etc.) for all accounts.
  • Implement controls for login and use, such as lockouts for too many unsuccessful logins, unsuccessful login alerts, and automatic log-off after a period of inactivity

Protect Your Wireless Networks

Wi-Fi is a necessary part of doing business. Your staff cannot go without it, so it becomes your responsibility to make sure it’s secured, simple as that.

  • Turn off broadcast so that your SSID is not available for others to see.
  • Use WPA2-Enterprise security, which forces per-user authentication via RADIUS for access.
  • Double-check your radio broadcast levels at default to make sure they don’t extend outside your building.
  • Create a Guest Network that’s segmented and has a limited bandwidth so that those visiting your building don’t have any chance of access to your data.
  • Monitor your network, and log events to track any activity by your employees and other contacts with network access.

Limit Unnecessary Physical Access

Your cybersecurity measures won’t amount to much if your laptops, tablets, smartphones and other devices are left out in the open for anyone to take.

It’s one thing for a cybercriminal to hack into your system remotely. It can be significantly easier if they’re doing so directly on a business device.

  • Keep business devices under lock and key when not in use.
  • Maintain a detailed inventory of who has authorized use for specific business devices.
  • Don’t leave the login information on a sticky note on the keyboard of the device.

Follow Payment Card Best Practices

If you accept payment through credit and debit cards, make sure to follow established security policies and practices to mitigate any potential risks.

  • Work with banks and other financial industry contacts to make sure you’ve implemented the right cybersecurity tools and anti-fraud services.
  • Double-check your compliance requirements for FINRA, GLBA, and SOX.
  • Segment networks involving a point of sales and payment systems from any unnecessary aspects of your IT infrastructure. No unnecessary software or web access should overlap with these systems.
Continue reading

Downtime Is Extremely Expensive – Can You Actually Afford It?

Downtime is bad for business.

Whether you agree or not, it’s a fact – just a couple years ago, small businesses with up to 50 million in annual revenue reported that just a single hour of downtime cost them $8,600.

Computer Network Downtime

Why Does Downtime Cost So Much?

The main cost of downtime is not the fix itself, it’s the halt in your business’ productivity. If an IT-related or natural disaster occurs and takes critical systems offline, employees will be unable to complete their tasks, yet your normal business expenses will carry on.

During that time, you incur all the expenses of running a business without the revenue you would usually generate. Even if downtime does not grind everything to a halt, some of your staff will have to divert themselves from their normal work to mitigate the problem – again reducing productivity. Furthermore, while your systems are down, you can’t deliver services or sell products to current and potential new clients.

Not all of the costs associated with downtime have a tangible price tag. The trust of your clients and the reputation of your company are invaluable assets that can erode with prolonged or frequent downtime issues. A diminished reputation can negatively affect your future business opportunities.

Some downtime is inevitable, but much of it can be prevented and mitigated.

What Are The Primary Causes Of Downtime?

  • Power Outage: If your power source fails, that can lead to a long list of complications like servers going down and lost, unsaved data.
  • Cybercrime: Cybercrime has increased in recent years and is still on the rise. All it takes is one employee opening a malicious attachment and your business data could be held hostage.
  • Human Error: Accidentally unplugging key equipment, overloading the system, and improper installations can all cause downtime, but maintaining certain policies and procedures can cut down on human error.
  • Natural Disasters: Hurricanes, tornadoes, floods, and earthquakes happen. Having a plan for getting back to business if the unthinkable happens is the fastest way to recover.

What’s The Best Way To Prevent Downtime?

…by stopping it in the first place.

The best way to approach downtime prevention is proactively – you need to keep an eye out for system issues that can spiral into total stoppages. You need to implement backup technologies and best practices to prevent outages. You need to enhance your cybersecurity to protect against cybercrime.

Unfortunately, that’s a lot for you to handle on your own, especially when have other work to see to. That’s why a managed IT services company can be so helpful. They’ll provide 24/7 active monitoring of your systems, business continuity best practices and cybersecurity services that will keep costly downtime at a minimum.

 

Continue reading

Which Cloud Storage is Right For Your Business

Don’t Be Confused When It Comes to Cloud Storage Options

Cloud storage helps your employees share and collaborate like never before. Check out these three popular cloud storage solutions to find the one best for you!  

Cloud Storage

Businesses are making the switch from physical servers to cloud storage to increase productivity and streamline file-sharing capabilities. This short review looks at three of the most popular cloud storage options, OneDrive, Dropbox, and Google Drive, comparing their storage capacity, file-sharing capabilities, and pricing.

All three of these cloud storage solutions offer various plans for both personal and business use. OneDrive and Google Drive also have options to bundle cloud storage along with access to online versions of standard office applications. In this review, we will look only at the lower-priced standalone cloud storage business solutions available from OneDrive and Dropbox and the Business and Enterprise solutions from Google Drive that do include access to GSuite applications.

OneDrive from Microsoft

OneDrive has two tiers of dedicated cloud storage. Plan 1 costs $60 a year and gives you 1 TB of cloud storage. You can opt for Plan 2 at $120 per year if your business has five or more users, and you need unlimited storage. OneDrive does not offer per month pricing. There is a 15 GB limit per individual file.

When it comes to collaboration, OneDrive shines. It is easy to access stored files directly from the Microsoft ecosystem of products, or use the built-in search and discovery tools to find the files you need. Share individual files securely with a link and set permissions to prevent unauthorized changes. Plan 2 also comes with upgraded security, including data-loss prevention, to help you to monitor and protect your confidential information.

Dropbox

Businesses with three or more users can choose either the Standard or Advanced business plan from Dropbox. The Standard plan comes with 3 TB of cloud storage and costs $150 a year or $15 monthly. The Advanced plan is $240 a year, or $25 monthly. With a file transfer limit of only 2 GB per file, Dropbox’s Standard plan may not fit your needs, but its Advanced plan does allow up to 100 GB transfers.

Many, but not all, popular business applications are already configured to connect with Dropbox. Users have the option to share files through a secure link or to use Dropbox Spaces to allow other employees access. Administrators can create private groups for members to share their work.

Google Drive

Google Drive offers a Business plan for $12 a month and an Enterprise Plan for $25 a month. Both come with only 1 TB of storage unless you maintain five licenses. Then you receive unlimited storage. The maximum size of an individual file is 5 TB.

Both plans let you share files with links, and admins can set security controls to manage file permissions. The Enterprise plan offers data loss protection and improved security options.

For most businesses, OneDrive makes the most sense. It is already optimized to work with the Microsoft applications you probably already use. The only major drawback is the 15 TB limitation on file transfers, but this restriction won’t affect most businesses.

Continue reading

5 Ridiculous Ways Technology Transforms Your Industry

Incredible Ways Technology Has Changed How We Do Business

How has technology transformed your industry? Explore 5 important ways technology has recently changed how we do business, delight customers and grow businesses  

Technology Transformation

It doesn’t matter which industry we’re in. Technology is a must. It makes things faster, safer and better when used right. It can propel our businesses and leave competitors in the dust. But many businesses are simply unaware of what’s out there and just how accessible it is to any size business. Here are five incredible types of technology that are completely reshaping how we do business.

1. Big Data Revolutionizes Data-Driven Decisions

As business leaders, we’ve always made decisions based upon the available data. But more recent advancements in data collection and analysis have made it easier and more cost-effective to gather data and put it to work. We can make smarter decisions about the direction of our companies where we once had to rely solely on gut instinct.

We can enhance customer experiences to not only increase sales but to raise that net promoter score, building trust, loyalty and powerful word-of-mouth.

2. We Reach Customers in More-Effective Ways

87% of purchases now begin online. This doesn’t mean they buy online, just that they found the product or service online.

Digital marketing technology is a business technology that has transformed how we connect with customers. We can now more precisely target audiences to enhance the relevance of our ads to specific customer bases.

Thanks to the pay-per-click model, we don’t pay for advertising that doesn’t work. And thanks to optimization tools we continually improve strategies to find what does work.

Digital marketing allows us to reach customers where they find new products and services through:

  • Search engines
  • Social Media
  • Review Websites
  • Influencers

3. Virtual Reality Gives Employees Real-World Training

From healthcare to aviation to manufacturing, virtual reality (VR) and augmented reality (AR) are helping schools and businesses train employees in very lifelike situations. Employers can help employees become more comfortable in likely scenarios by allowing them to experience it in an artificial environment first. They can learn how candidates may perform at their jobs before sending that job offer to get the best people into important roles.

4. Enhanced Business Continuity Tools Reduce Down-time

From more effective ways to keep business and customer data safe to data backup to re-routing of important functions to remote locations, advancements in technology are making it easier for businesses to both avoid disasters (physical and virtual) and keep moving when disaster strikes.

Developing a strategy, deploying tools effectively and putting a plan into action, of course, take know-how, but those involved in business continuity planning now have a wider range of tools for the business continuity tool belt.

5. Better Technology for Less Cost

It’s not news to anyone that technology gets cheaper the longer it’s in use. And by now many amazing technologies have been around long enough that they’re getting very affordable, even for small business. Yet, many businesses still aren’t taking advantage of them because they don’t know what’s out there.

That’s why it’s important to work with technology experts who can introduce you to technology you’ll find useful to cut costs, enhance productivity, delight customers and more. To learn more about how technology is disrupting every industry, follow our blog.

Continue reading

Should You Worry About Facebook Identity Thieves?

Tips for Avoiding and Reporting Facebook Identity Theft

Financial fraud and access to confidential business data rank among scammers’ reasons for setting up fake profiles in Facebook identity theft schemes.  

Elite Business Group

Right now, hundreds of people could be viewing your photos on Facebook — on an account that doesn’t belong to you. In recent years, Facebook identity theft has become a significant problem, leaving victims struggling to reclaim their rightful identities on the social media platform. What do you need to know, and how can you protect yourself?

Reasons Behind Facebook Identity Theft

Imagine receiving a sudden flurry of messages from friends and family members alerting you that someone is posing as you. After the initial shock, you might wonder why an individual would go to the trouble of setting up a fake profile that uses your name and other identifying details.

As banks and other financial institutions have become better at spotting fake identities, scammers have turned to using the identities of real people for a variety of purposes, including opening lines of credit and draining bank accounts. Setting up a Facebook profile can be one step in establishing ownership of an identity — especially if the scammer can manage to get the real identity owner locked out of their account in the process.

How Can Your Job Make You a Target?

In addition to financial fraud, prospective scammers often have another goal in mind when they target specific individuals: access. Facebook identity thieves may target people in certain jobs — including CEOs, IT directors and human resources managers — because of their valuable access to data, people and financial resources.

By posing as a key executive in an organization, an identity thief may hit the jackpot by gaining access to computer systems that hold confidential customer data, employee Social Security and bank account numbers, or proprietary information. Scammers may set up a fake profile in your name as part of a social-engineering scheme designed to persuade your Facebook contacts to turn over information or access.

Steps for Preventing Facebook Fraud

To help lock down your Facebook account and prevent identity theft, consider adjusting your privacy settings to control who can view your photos and posts. Allowing everyone — or even friends of your friends — to see your information can make you vulnerable to identity theft.

Avoid accepting friend requests from unfamiliar people, and use caution when posting photos; think twice before posting images that include your driver’s license or other documents with identifying information. In addition, consider setting your profile to unsearchable.

What if someone has stolen your identity on Facebook? If you receive a friend request from someone who already is on your friends list, you may be the victim of identity theft. You should take immediate action by reporting the suspect profile if you discover that someone is using your name, photo or other identifying details. In the event that an impostor reports your account as fraudulent and has you blocked, you may need to ask a friend to report the incident for you.

Continue reading

Happy Halloween

Happy Halloween!

What better time than now to tell some scary stories?

Happy Halloween

Ok, so they’re not “scary stories” per se, but facts that will alarm AND spook you.

Here’s Your Special Halloween Treat

Take action to protect against cybercrime. Hit the reply button to schedule your free cybersecurity consultation with us.

In the meantime, have fun this year, whether you’re taking the kids out trick-or-treating or heading to a few parties.

Have a great day!

Tags:
Continue reading

How VersaTrust Partners with Cities to Prevent Cyberattacks

Envelope with virus being delivered to a computer

Across the country more than 140 municipalities, police departments and hospitals have fallen victim to ransomware attacks so far this year. Texas, where 22 public institutions have been infected by malware and held hostage, has been far from immune.

In this case study review, we share how the Defense in Depth network security solution we installed helped the City of Richland Hills avoid two potentially debilitating cyberattacks.

Background

The City of Richland Hills is a municipality of 8,000 residents located in Tarrant County, Texas. The city employs 110 full- and part-time employees. The Richland Hills Police Department is required to comply with stringent information technology regulations from the Criminal Justice Information Systems (CJIS), the Texas Department of Public Safety and the FBI.

VersaTrust’s relationship with Richland Hills began in 2014 when we entered an open bidding process to provide managed IT services. Since then, we’ve managed their IT infrastructure and helped them maintain CJIS compliance.

Issue

Several years into our relationship with Richland Hills, the city manager decided to take a proactive, preventative approach to IT security. He asked VersaTrust to participate in another competitive bidding process — to provide security services.

While the competition offered one-size-fits-all packages, no matter the cost point, VersaTrust designed a package that provides layered security to the city’s network and fits their budget. The city approved our solution and we became their managed security service provider.

Solution

The security solution we designed for Richland Hills is a Defense in Depth approach that borrows from advanced Department of Defense (DoD) methodology and tactics. In Defense in Depth, we create an infrastructure that deploys multiple barriers, rather than a single perimeter, to prevent, detect, quarantine and eliminate cyberthreats.

Defense in Depth

Traditional antivirus programs and firewalls are insufficient on their own to protect against modern, dynamic hacking tactics. Most hacks originate through some form of phishing attack in which an employee opens the door to an attacker by clicking a link or opening an attachment.

While there’s no substitute for employee training on cybersecurity best practices, Defense in Depth involves monitoring the network and individual workstations to detect the kind of abnormal behavior that signals a breach.

The City of Richland Hills suffered two breaches – each the result of employees falling victim to phishing attacks. In both cases, Defense in Depth performed optimally and prevented catastrophe.

Breach #1: Ransomware introduced through a link

Issue: Richland Hills’s first hack occurred when an employee clicked an email link from an unknown sender. The link downloaded ransomware, infected the workstation and attempted to spread across the network.

Response: The hack bypassed the robust antivirus tools and firewalls that we installed because the employee actively, if accidentally, introduced the infections. Our Defense in Depth response took over.

Our Security Operations Center (SOC), which monitors our clients’ systems 24x7, detected unusual activity on the network within moments. In real time we identified the ransomware’s origin and shut down the culprit system.

Breach #2: Password stealer infection from a fake PDF

Issue: The second breach took the form of an Emotet, a password stealer that jumps from one workstation to another. It was packaged and disguised as a fake invoice attached as a PDF to an email. The city official opened the attachment, even though he did not recognize the sender, and the Emotet began deciphering passwords.

Response: Once again, our SOC detected unusual activity before Richland Hills employees felt the symptoms of the attack. We quarantined the password stealer and froze the compromised accounts. Meanwhile, the city’s other employees continued working unaffected while we repaired the damage.

Results

The Richland Hills city manager appreciates our Defense in Depth solution first and foremost because it keeps their computers free of adware and malware, which improves performance and lengthens the intervals between hardware upgrades and new computer purchases.

Having suffered two of the most common breaches that can hamstring an organization, Richland Hills has first-hand experience to prove that Defense in Depth identifies and immediately responds to a hack before negative consequences are felt. Moreover, in the aftermath of these breaches, Richland Hills engaged VersaTrust to provide employee training across the city’s workforce, which has now become mandatory for municipalities in Texas.

Whatever your industry and unique set of circumstances, a multilayered approach is essential to securing your business in today’s complex cyberthreat environment. Reach out to us (817-595-0111 or email) for more information today.
Continue reading

Quickly Unlock Useful iTunes Store Applications that Are Blocked in Your Country

Unblock Geo-Restricted App Store or iTunes Content in a Few Clicks

Discover how to quickly gain access to geoblocked apps via the App Store or iTunes with a few simple clicks whether you’re on on an iPhone, iPad, Mac or PC.

Unblocking App Store

Apple’s App Store and iTunes apps give you access to thousands of great games, utilities and social connections. But there are thousands more you can never access due to geographic restrictions.

Why Are Certain Apps Blocked?

Location-based restrictions, known as geoblocking, are actions taken by companies or government regulators. They restrict access to content, including App Store apps, based on your location. You can experience these issues on sites such as YouTube or platforms such as Netflix, where certain content is unavailable to certain users, often due to licensing issues or other legal issues.

Geoblocking is usually done by tracking the unique identifiers known as Internet Protocol (IP) addresses. Any request you make to a site or app includes your IP address so the pinged computer knows where to send the requested content. IP addresses are allocated to internet service providers (ISPs) to distribute to their customers and reflect the geographic location of the computer, smartphone or another connected device.

Why Unblock Geoblocked Content?

There are many valid reasons for wanting to access geoblocked content. You may be visiting or living in another country and want to connect with content and functionality unique to your country. Maybe you need to access content that is only available via an app that is restricted at your current location. You might want to compare content presented on different versions of an app.

No matter what the reason, geoblocking can cause frustration for those wanting to access something they can’t connect to. Fortunately, there are some easy ways to unlock this content.

How Do I Unlock Geoblocked Content?

Here’s a step-by-step guide to unlocking iTunes and App Store content in another country. No matter which method you use, be sure to cancel any subscriptions to Apple Music, iTunes Match and other apps associated with your Apple ID.

  • On an iPhone or iPad
    • Open Settings > [Your Username]
    • Click on iTunes & App Store
    • Tap on your Apple ID. Authenticate if asked
    • Click on View Apple ID
    • Select Country/Region
    • Select Change Country/Region
    • Choose a new country, click on Next
    • Accept the Terms and Conditions
    • Enter your payment method
  • On a Mac or PC
    • Open iTunes
    • Click on Account > View My Account
    • Sign in using your Apple ID
    • Press Enter or click on View Account
    • On the Account Information page, click on Change Country or Region
    • Click Agree to the terms and conditions
    • Enter a new payment method
    • Click Continue
  • From your Apple ID profile
    • Log on to your Apple ID account profile
    • Scroll to Account
    • Tap on Country/Region
    • Choose your new country or region. Click Continue when asked to confirm your new selection

Does Unblocking Content Allow Access to All Apps?

The method described above only works for free apps available for iOS devices. If you want to access paid apps, you’ll need to enter a payment method — and billing address – for the country

Switching from one country identity to another on iTunes or the App Store is complex, but can be done, by following these steps:

  • Open App Store > Apple ID
  • Click on Sign Out
  • Open Settings/General
  • Click on Language & Region
  • Select Region
  • Select a new country or region and create a new account by finding an app you want to download in the new country
    • Tap on the app. If a screen pops up that the item is not available, click on Change Store
    • Go to the app listing and tap Get > Install
    • Click Create New Apple ID
    • Select the new country or region and complete the Apple ID creation steps
    • Select None under Billing
  • Switching between stores is now possible by signing out of one iTunes or App Store account and signing back in via another

Accessing content in other countries can be critical for many users. With a few taps, you can open up a world of opportunities.

Continue reading

Communicate Consistently With Customers About Their Technology Needs and Your Value

MSP Customer Communication Leads to Deeper Long-Term Retention

Discover why it’s important that your managed services provider develops a regular communications schedule with each customer and what messages to convey.

MSP Communication

Managed services providers (MSPs) know that customer retention is a critical element of business success.

Communicating with your MSP customers is a must. But knowing how, when and what to communicate makes a difference.

How Frequently Should We Communicate with MSP Customers?

The frequency of communication is as much an art as it is a science. There may be some customers, especially those who are new, in the midst of a major project or in the throes of strategic planning, when more frequent contact and communication is necessary.

Face-to-face communication is the most effective means of communication, allowing for both a better give-and-take and a clearer interpretation of body language.

Ideally, you’ll schedule at least monthly in-person communication with your customers, meeting both with principals and other employees to understand what’s working and what could be improved. This communication, which includes a healthy dose of active listening, helps your customers feel heard, valued and respected, even if it’s an informal conversation over coffee and doughnuts.

What Brings Value to MSP Customer Communications?

Your customers look to you as more than a service provider. You’re also a valued advisor. You want your communications to have several elements that can bring value to your customers and how they perceive their relationship with you. These do not need to be a sales pitch, and usually should not be, but rather opportunities to demonstrate your expertise and insights, including:

  • Identifying solutions before you’re asked. If your client has, for example, recently had several cyberattack attempts that were the result of phishing attempts, you may want to suggest a heightened approach to employee education, including campaigns that test their responses to sample attack emails.
  • Looking forward. You want to provide insights on technology trends, emerging solutions and challenges, whether it’s a new version of software, regulatory changes affecting their business or the sunsetting of an operating system. Providing information that helps the customer consider the possibilities is a compelling way to demonstrate your value. These conversations can often unearth concerns and priorities that previously were not expressed.
  • Find synergies and partners. Look for connections and introductions you can make among your customers. You can also identify opportunities for partnerships or bartering opportunities, such as working with a printing company client to produce signage and business cards in exchange for a discount on provided IT services.

Value-added conversations that help your customers think in new ways are a powerful way of deepening customer relationships.

What Points Are Worth Repeating to MSP Customers?

One of the greatest outcomes of better customer communication is the opportunity to reinforce high-value and valuable services that are already being used or possible. Your communication should regularly reinforce some of the core values of working with a managed services provider. Driving these points home helps to make renewals, upgrades and the purchase of new services much easier.

Those key points are small reminders of why it makes sense for your customers to work with you, including:

  • Cost savings. Produce and walk your customers through how their managed services are reducing costs through improved efficiency, fewer downtime costs, lower operational costs for data centers and reduced internal IT staffing
  • Predictable costs. Customers need to be reminded that a fixed monthly cost for a range of IT services — help desk, vendor management, storage, disaster recovery, cloud hosting and security — means more budget certainty and fewer unanticipated technology expenses.
  • Less downtime. MSPs should tout their reliability and the high levels of uptime for services and systems. While these may be contractually mandated, it’s still an effective reminder of how committed your company is to their business operability levels.
  • Insurance. People and businesses purchase insurance to protect what matters most. That’s one way to frame managed services: insurance for your most critical systems, operations, processes and data.

A strategic approach to customer communications pays major dividends with regular, trusted and valued discussions.

Continue reading